4 votes
A data breach occurred at Cosmo Service, Inc. The incident resulted in huge losses of revenue, and as a result their mobile app service was withdrawn. Investigators discovered a vulnerability attackers exploited in the HTML5 used to build the app. The vulnerability concerns the use of customized queries, which bypass the mobile app login process. What type of attack was used?

by User Giulio (6.0k points)

1 Answer

6 votes

Answer:

The feature exploited was Cross-Origin Resource Sharing (CORS).

Step-by-step explanation:

CORS is an HTML5 mechanism that allows you to share resources even outside of your domain boundaries, and it simplifies how this is done. CORS establishes several headers to help the system decide which requesters can be trusted and which cannot. If security measures, such as properly configuring the Access-Control-Allow-Origin feature (which restricts and defines which domains are authorized to access your resources), are not implemented, then this can be used as a breach to steal private information from your domain.

by User Itzhaki (5.8k points)
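
The Access-Control-Allow-Origin configuration the answer refers to, as an added example that is not part of the original answer: a permissive policy beside an exact-match allow-list, with a small check that flags the permissive one. The origins and function names are constructed for illustration.

```javascript
'use strict';

// Constructed allow-list: the only origins permitted to read responses cross-origin.
const ALLOWED_ORIGINS = new Set([
  'https://app.example.com',
  'https://admin.example.com',
]);

// Weak setting: echoes whatever Origin the request carries and allows credentials.
function weakCorsHeaders(requestOrigin) {
  return {
    'Access-Control-Allow-Origin': requestOrigin || '*',
    'Access-Control-Allow-Credentials': 'true',
  };
}

// Corrected setting: exact string match against the allow-list; an unknown
// origin gets no CORS headers, so the browser withholds the response from it.
function strictCorsHeaders(requestOrigin) {
  if (!requestOrigin || !ALLOWED_ORIGINS.has(requestOrigin)) {
    return { Vary: 'Origin' };
  }
  return {
    'Access-Control-Allow-Origin': requestOrigin,
    'Access-Control-Allow-Credentials': 'true',
    Vary: 'Origin', // keep caches from serving one origin's answer to another
  };
}

// Audit helper: present an origin that is not on the allow-list and list
// what the policy wrongly grants it.
function auditPolicy(policyFn, probeOrigin = 'https://untrusted.example.net') {
  const h = policyFn(probeOrigin);
  const acao = h['Access-Control-Allow-Origin'];
  const findings = [];
  if (acao === '*') findings.push('wildcard origin');
  if (acao === probeOrigin) findings.push('reflects arbitrary origin');
  if (acao === 'null') findings.push('allows null origin');
  if (findings.length && h['Access-Control-Allow-Credentials'] === 'true') {
    findings.push('credentials allowed for untrusted origin');
  }
  if (acao && acao !== '*' && !/\bOrigin\b/i.test(h.Vary || '')) {
    findings.push('missing Vary: Origin');
  }
  return findings;
}
```
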